# Generates CA certificate and imports it to a truststore
echo -e "\n\n..::::: CA :::::..\n"

mkdir ca
cd ca

SERIAL=01
CERT_PASSWORD=password
STORE_PASSWORD=password

# Create X.509 CA certificate
openssl req -new -x509 -passout pass:$CERT_PASSWORD -subj /CN=CA -set_serial $SERIAL -out cacert.pem
echo $SERIAL > ca.srl

# Import certificate to a truststore
keytool -import -alias CA -file cacert.pem -keystore truststore -storepass $STORE_PASSWORD -noprompt

# Verify that a certificate chain has been established
keytool -list -v -keystore truststore -storepass $STORE_PASSWORD

cd ..
